Cyber Deception using Honeypot Allocation and Diversity: A Game Theoretic Approach
Ahmed H. Anwar, Charles Kamhoua
Abstract
Cyber deception has become the core of advanced enterprise-level defense systems. It is also being used for early detection by many experts. In this paper, we propose a novel approach for cyber deception using honeypot allocation and software diversity to enhance network security. The network defender chooses where to place the honeypots given a limited budget of resources. Also, we consider an interesting tradeoff between the level of software diversity to be implemented in the network and the operational cost incurred due to using different types of honeypots. To this end, we formulate a game-theoretic approach to characterize the honeypot allocation policy that protects the most valuable resources of the network. Moreover, we develop a game model between the two players to investigate the diversity tradeoff. Our results show that careful honeypot allocation is critical to protect high-value nodes and validate the proposed software-diversity approach.